BugTraq
Hijacking Apache 2 via mod_perl Jan 21 2004 10:53PM
Steve Grubb (linux_4ever yahoo com) (2 replies)
Re: Hijacking Apache 2 via mod_perl Jan 22 2004 03:53PM
Ben Laurie (ben algroup co uk) (1 replies)
Re[2]: Hijacking Apache 2 via mod_perl Jan 22 2004 05:37PM
3APA3A (3APA3A SECURITY NNOV RU) (3 replies)
Re: Hijacking Apache 2 via mod_perl Jan 22 2004 06:39PM
Ben Laurie (ben algroup co uk)
Re: Re[2]: Hijacking Apache 2 via mod_perl Jan 22 2004 05:51PM
Steve G (linux_4ever yahoo com)
Re: Hijacking Apache 2 via mod_perl Jan 22 2004 05:42PM
André Malo (nd perlig de) (1 replies)
Re: Hijacking Apache 2 via mod_perl Jan 22 2004 06:04PM
Steve G (linux_4ever yahoo com) (2 replies)
>Then one just writes a perl extension in C. Who's responsible
>then?

But don't you need root to add extensions?

>Who's responsible if you just write a C module which hijacks the
>descriptors?

Again, you need an admin to update apache's config.

>Where do you draw the line?

I would think apache should have a safe and defined interface
between itself and modules. I cannot possibly think of any file
descriptor besides 0, 1, & 2 that a module would need. The logs
should be stderr, the module should open a descriptor itself, or
apache should have an API just for that purpose.

Xinetd, stunnel, and sshd can all run completely untrusted
applications without leaking their listening descriptor. Why
can't apache? It's not just mod_perl, mod_php leaks the https
descriptor, too.

-Steve Grubb
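
The "nothing besides 0, 1 and 2" policy from the message above, for the case where a server starts another program with exec(), as an added example that is not part of the original post and is not code from Apache, xinetd, stunnel or sshd. The function names, the loopback listener standing in for the https socket, and the scan bound passed as maxfd are assumptions made for illustration.

```c
/* Added example (constructed): audit and seal descriptors before exec(). */
#include <fcntl.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

/* Loopback listener on an ephemeral port; stand-in for the https socket. */
int open_listener(void)
{
    struct sockaddr_in sa = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(fd, 8) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* 1 if fd is open and would survive exec(); 0 if closed or close-on-exec. */
int would_leak(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags >= 0 && !(flags & FD_CLOEXEC);
}

/* Number of descriptors in [3, maxfd) that an exec'd program would inherit. */
int count_leakable(int maxfd)
{
    int fd, n = 0;
    for (fd = 3; fd < maxfd; fd++)
        n += would_leak(fd);
    return n;
}

/* Mark every open descriptor in [3, maxfd) close-on-exec; return how many changed. */
int seal_above_stdio(int maxfd)
{
    int fd, changed = 0;
    for (fd = 3; fd < maxfd; fd++)
        if (would_leak(fd) && fcntl(fd, F_SETFD, FD_CLOEXEC) == 0)
            changed++;
    return changed;
}
```

Close-on-exec only covers programs started with exec(); code loaded into the server process itself shares that process's descriptor table, so this check does not apply to it.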

Re: Hijacking Apache 2 via mod_perl Jan 23 2004 09:39PM
Matthew Wakeling (mnw21-bugtraq jumpleads com)
Re: Hijacking Apache 2 via mod_perl Jan 23 2004 03:55AM
jon schatz (jon divisionbyzero com)
Re: Hijacking Apache 2 via mod_perl Jan 22 2004 10:20AM
lupe lupe-christoph de (Lupe Christoph)
Copyright 2010, SecurityFocus